Firewall
1.開啟防火牆:
systemctl start firewalld
2.關閉防火牆:
systemctl stop firewalld
3.查看防火牆狀態:
systemctl status firewalld
4.設置開機啟動:
systemctl enable firewalld
5.禁用開機啟動:
systemctl disable firewalld
6.重啟防火牆:
firewall-cmd --reload
7.開放端口(修改后需要重啟防火牆方可生效):
firewall-cmd --zone=public --add-port=8080/tcp --permanent
8.查看開放的端口:
firewall-cmd --list-ports
9.關閉端口:
firewall-cmd --zone=public --remove-port=8080/tcp --permanent
Iptables
由於CenterOS7.0以上版本並沒有預裝Iptables,我們需要自行裝。安裝前先關閉firewall防火牆
1.安裝iptables:
yum install iptables
2.安裝iptables-services:
yum install iptables-services
3.開啟防火牆:
systemctl start iptables.service
4.關閉防火牆:
systemctl stop iptables.service
5.查看防火牆狀態:
systemctl status iptables.service
6.設置開機啟動:
systemctl enable iptables.service
7.禁用開機啟動:
systemctl disable iptables.service
8.查看filter表的幾條鏈規則(INPUT鏈可以看出開放了哪些端口):
iptables -L -n
9.查看NAT表的鏈規則:
iptables -t nat -L -n
10.清除防火牆所有規則:
iptables -F
iptables -X
iptables -Z
11.給INPUT鏈添加規則(開放8080端口):
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
12.查找規則所在行號:
iptables -L INPUT --line-numbers -n
13.根據行號刪除過濾規則(關閉8080端口):
iptables -D INPUT 1